http://www.macnn.com/articles/07/07/17/iphone.web.dialing.flaws/

Security firm warns against iPhone web dial

updated 10:30 am EDT, Tue July 17, 2007

iPhone web-dialing flaws


A web security company is warning against using a feature of the iPhone's web browser. According to SPI Dynamics, the ability to tap a Safari link and have it dial a number may be convenient, but it may also be exploitable by attackers. Examples given include the ability to track phone calls or redirect them to a number of the attacker's choosing, such as a 1-900 number; more serious threats involve calls being placed without confirmation, an infinite calling loop that can only be escaped by shutting the phone off, or even the blocking of phone calls altogether.

The problem is compounded by the choice of three different delivery vectors: a malicious website built for the purpose is one option, but an attacker could also abuse a cross-site scripting flaw on a legitimate site, or deliver the code through a web worm.

SPI says it reported its findings to Apple earlier in the month and is cooperating with Apple to close the exploits; until then, it suggests that iPhone owners simply avoid dialing from Safari, whatever the reason for the call.
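As an added example (not code from the article or from SPI Dynamics), here is a defender-side audit, in JavaScript, of the tel: links on a page: it flags any link whose visible number differs from the number its href would actually dial, and any link into the 1-900 or NPA-976 premium-rate ranges the thread below mentions. The sample HTML and all numbers in it are constructed.

```javascript
// Added example: audit tel: links on a page (not the article's or SPI Dynamics' code).
// The anchor regex suits the constructed sample below; use a real HTML parser on live pages.

// Reduce a number or tel: URI to 10-digit NANP form where possible.
// "tel:+1-900-555-0123;ext=4" -> "9005550123"; "(212) 555-0100" -> "2125550100"
function normalizeNumber(value) {
  let s = decodeURIComponent(String(value).trim());
  if (s.toLowerCase().startsWith("tel:")) s = s.slice(4);
  s = s.split(";")[0].replace(/\D/g, "");                 // drop ;ext= etc., keep digits
  return s.length === 11 && s[0] === "1" ? s.slice(1) : s; // strip country code 1
}

// True for the 900 area code or a 976 exchange in any area code (premium-rate ranges).
function isPremiumRate(digits) {
  if (digits.length !== 10) return false;
  return digits.slice(0, 3) === "900" || digits.slice(3, 6) === "976";
}

// Scan every anchor with a tel: href and report it with its risk flags.
function auditTelLinks(html) {
  const anchorRe = /<a\s[^>]*href\s*=\s*["'](tel:[^"']*)["'][^>]*>([\s\S]*?)<\/a>/gi;
  const findings = [];
  let m;
  while ((m = anchorRe.exec(html)) !== null) {
    const dial = normalizeNumber(m[1]);
    const text = m[2].replace(/<[^>]+>/g, "").trim();
    const shown = normalizeNumber(text);
    findings.push({
      href: m[1], text, dial,
      // a mismatch only counts when the link text itself shows a number
      mismatch: shown.length >= 7 && shown !== dial,
      premium: isPremiumRate(dial),
    });
  }
  return findings;
}

function riskyLinks(html) {
  return auditTelLinks(html).filter((f) => f.mismatch || f.premium);
}

// Constructed sample: an honest link, a link whose text hides a 1-900 target,
// a non-numeric label, and a 976 exchange.
const SAMPLE_HTML = `
  <a href="tel:+1-212-555-0100">(212) 555-0100</a>
  <a href="tel:1-900-555-0199">Call support: (212) 555-0100</a>
  <a href="tel:%2B12125550100">Tap to call</a>
  <a href="tel:212-976-0123">212-976-0123</a>
`;
console.log(riskyLinks(SAMPLE_HTML));
```

Running it lists the second and fourth links; the first is clean, and the third has no number in its text to compare against.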


by MacNN Staff

Comments

  1. glasshalffull

    Fresh-Faced Recruit

    Joined: Apr 2007

    0

    non-issue

    Haven't we been over this already? Tapping a number from Safari does not dial the number. It puts the phone in a mode ready to dial the number, shows you the number that will be dialed on the screen. If it's not the right number then you simply press cancel. Safari on iPhone cannot directly dial telephone numbers.

    This is a total non-issue as far as I can see. Who makes this c*** up anyway, and who is dumb enough to post it as news?

  1. wings_rfs

    Fresh-Faced Recruit

    Joined: Dec 2002

    0

    "May be"?

    "may also be exploitable" When the key word changes from "may" to "can", wake me. I've heard so many cries from the anti-virus people that so-n-so feature COULD BE exploitable that I've pretty much become immune to the alarms and warnings issued by these guys. When the day comes that we start seeing real world active exploits in the wild, then and only then will I start to take their warnings seriously. Until then I'll go on with the belief that their cries of impending doom are really the cries of their own insignificance.

  1. glasshalffull

    Fresh-Faced Recruit

    Joined: Apr 2007

    0

    security alert

    An insecurity company has identified a critical security exploit related to telephone touch tone dialing pads. If a user incorrectly presses the key labeled "9" instead of the key labeled "8" when attempting to dial 1-800 numbers, they may inadvertently be directed to pay-per-minute services.

    The manufacturers of all telephones supporting a dialing pad where the number 9 key is adjacent to the number 8 key have been notified of the possible exploit.

  1. BDLatimer

    Fresh-Faced Recruit

    Joined: Aug 2005

    0

    Non-issue

    Agreed: This "possible exploit" is nothing but an attempt to spread unsubstantiated FUD about the iPhone. I especially loved reading about how an "an infinite calling loop that can only be escaped through shutoff" could come about. (Um, "how", again?)

    Oh, and re: "security alert" - WELL stated ;-)

  1. testudo

    Forum Regular

    Joined: Aug 2001

    0

    Re: non-issue

    Haven't we been over this already? Tapping a number from Safari does not dial the number. It puts the phone in a mode ready to dial the number, shows you the number that will be dialed on the screen. If it's not the right number then you simply press cancel. Safari on iPhone cannot directly dial telephone numbers.

    This is a total non-issue as far as I can see. Who makes this c*** up anyway, and who is dumb enough to post it as news?


    Maybe you're right, but how many people pay attention to such things? Oh, you have to click "Send" before it goes out? Gee, and we know everyone will read the number, make sure it's correct, and then hit "send".

    Another way to look at this would be to compare it to phishing. Phishing succeeds because there's a small minority of users who don't check that they've gone to the site they've clicked a link on, or notice that it's not a secure site (Safari doesn't help here, giving people no better visual cue than a small padlock in the corner, as opposed to messages, colored address bars, etc), enter in some info, and, boom, they've just given their bank password to nefarious types.

    Sure, all standard Mac and Apple users are way too intelligent to fall for such deceit. But the iPhone is being used by poor, ignorant Windows users as well. And you know THOSE people. They never pay attention to anything.

  1. glasshalffull

    Fresh-Faced Recruit

    Joined: Apr 2007

    0

    stupidity patch

    If users choose to ignore dialogs there's not much you can do. I know of no stupidity patch.

  1. glasshalffull

    Fresh-Faced Recruit

    Joined: Apr 2007

    0

    UAC

    Speaking of Windows users, isn't it exactly that which MS is expecting of users with its User Access Controls?

    Present them a dialog for everything and expect them to decide what is safe...

  1. Guest

    Fresh-Faced Recruit

    Joined: Nov 1999

    0

    blocked?

    per AT&T website:

    "Blocked Numbers

    AT&T used its right to block access to certain numbers to prevent various numbers from being dialed from the wireless handset. Most of these numbers are used by conference calling services and chat lines that claim to be "free". However, AT&T incurs a significant cost for these calls, and such costs are detrimental to our ability to continue to provide reasonably priced calling services to our customers.

    The following number exchanges are restricted from being dialed from the wireless handset:

    * 1-900 numbers
    * Any NPA + 976, regardless of the long distance provider
    * Certain chat and conferencing services that result in the end user and/or AT&T being charged excessive rates"

  1. CorDog

    Fresh-Faced Recruit

    Joined: Mar 2006

    0

    May?

    You "May" be killed in an auto accident driving your car to work, so you better quit driving to work!

  1. hayesk

    Professional Poster

    Joined: Sep 1999

    0

    To: testudo

    "Another way to look at this would be to compare it to phishing"

    That would be an incorrect way of looking at it. The number looks exactly like the number that will be dialed. It's not like phishing where the website looks like another website.

    Eventually users need to take responsibility for their own actions. Anyone who falls for this is not because the UI led them astray, but because they are lazy or stupid. This is not phishing.
